Pindrop’s Voice Intelligence Report 2018 suggests that voice fraud has intensified and is on the up. Between 2016 (one in 937 calls) and 2017 (one in 638 calls), the overall voice channel fraud rate increased by 47%, continuing on the upward trend from last year’s 113% increase. Over the last four years, the fraud rate has climbed by over 350%, with no signs of slowing down.
Two reasons underpin the rise in fraud. First, with cyber crime valued as a $1.5 trillion industry, it’s unsurprising that the frequency of data leaks has contributed to the problem. Risk Xtra recently reported British Airways suffering a data breach that meant around 380,000 card payment details were compromised, while in the United States, as many as 1,300 breaches were tracked last year by the Identity Theft Resource Centre.
Second, fraudsters have become highly sophisticated and have gone omnichannel. For example, a fraudster may use social engineering to reset a password on a victim’s account then use that reset password to commit online fraud.
On one anonymous Fortune 500 customer environment, Pindrop conducted a forensic investigation of fraud in the Interactive Voice Response (IVR) function, as well as the phone channel and the online channel. Pindrop Labs found that suspicious activity in the IVR is the leading indicator of cross-channel fraud. On average, suspicious IVR activity resulted in a fraudulent transaction attempt 15 days later. For more than 85% of fraudulent transactions that originated in the IVR, Pindrop had a 24-hour lead time. This time gap in activity is typical of fraudsters who may be using IVR to verify lists of compromised accounts purchased on The Dark Web. The intention then may be to fine-tune and re-sell that list (accounts identified has having higher activity are more attractive on The Dark Web). This activity aids cyber criminals to profit from data breaches without taking the risk of committing fraud.
Most targeted industries: insurance, banking and retail
Unlike brokerages, insurance companies are seeing a much greater rate of increase in voice fraud, which escalated by 36% from 2016 to 2017 and has risen by 248% since 2015. Banks come in a close second with a 20% increase in fraud year-on-year and an astonishing 269% increase over the last four years. This is closely followed by retail which has seen a 15% increase and a 134% rise over the same four-year period.
Pindrop reported in June this year that business use of voice technology will triple in the next 12 months. The ‘Internet of Ears’ revolution is set to be the biggest opportunity, but also the biggest threat to brand security. Pindrop’s Voice Intelligence Report 2018 reveals that synthetic voice is probably one of the most exciting and potentially the scariest technology threats to consumer data security. Businesses already use machine learning for device, behaviour and voice matching. Fraudsters remain slightly ahead, using machine learning to create synthetic speech, spoof Automatic Number Identifications and conduct ‘robocalls’ to mass attack and spider through an organisation’s IVR in order to verify stolen account information.
Vijay Balasubramaniyan, CEO and co-founder of Pindrop, stated: “A major reason fraud rates rise is that most organisations struggle to find the right balance of security and customer service. When stronger traditional security measures are put into place, these measures typically impact customer experience, and often to an organisation’s detriment. The proliferation of voice technologies will continue to put consumers’ security and identity at risk. Currently, fraudsters can easily dodge existing authentication methods. As businesses adopt the latest voice technologies for the majority of customer interactions, there will be a parallel need for top-notch security.”